High-security systems, such as smart cards or security cards, require a high safety level and resistance to external attacks. In conventional technology, a distinction is made between “faults”, which refer to a physically induced failure, e.g. of a circuit in a chip, and so-called “errors”, which refer to a failure of a system that can be observed from outside. “Errors” are based on “faults” that influence the outputs of a system. For example, a binary state or a bit stored in a memory can be inverted by irradiation with light, in particular with a laser, which changes the logical state. Such scenarios occur, e.g., in attacks on safety systems that aim to discover internal secrets such as cryptographic keys. An error can be static, i.e. a memory permanently stores the manipulated state. In other cases errors are dynamic, i.e. they occur during the external action, such as irradiation by the laser, but are not stored: a state manipulated by irradiation returns to its original state when the external action ends.
A “fault attack” tries to bring about an error in a system, e.g. through irradiation with light, in order to derive internal relations or secrets from the faulty system behaviour, which can be observed, e.g., at the system's outputs. In particular, such attacks are carried out against cryptographic systems in an attempt to discover cryptographic keys or algorithms. Safety systems are therefore protected against such attacks, and it is required that a failure of such a system can practically be excluded.
A quality measure used for safety systems that reflects a system's resistance to externally induced errors is the PUE (Probability of Undetected Error). In a given attack scenario, the value of the PUE represents the probability that an attacker will succeed in causing faulty system behaviour, which can be observed, e.g., as erroneous output values that can then be used for calculating or evaluating an internal secret. Typical values for the PUE are in the range of 2^-30; values in this range occur, e.g., in EAL (Evaluation Assurance Level) contexts, where 2^-30 would be considered a typical value for EAL5+.
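How the PUE depends on the assumed attack scenario, as an added example that is not part of the original text: it computes the exact PUE of a small error-detecting code under two fault models. The 8-bit data word, the 4-bit CRC with polynomial x^4 + x + 1 and both fault models are assumptions chosen for illustration.

```python
from fractions import Fraction
from itertools import combinations
from math import comb

# All parameters are assumptions chosen for illustration, not from the text.
DATA_BITS = 8
POLY = 0b10011                      # CRC polynomial x^4 + x + 1
CHECK_BITS = POLY.bit_length() - 1  # 4 check bits
N = DATA_BITS + CHECK_BITS          # 12-bit stored word

def crc_remainder(word: int) -> int:
    """Remainder of word, read as a GF(2) polynomial, divided by POLY."""
    for shift in range(word.bit_length() - 1, CHECK_BITS - 1, -1):
        if (word >> shift) & 1:
            word ^= POLY << (shift - CHECK_BITS)
    return word

def encode(data: int) -> int:
    """Append the check bits so that a fault-free word has remainder 0."""
    shifted = data << CHECK_BITS
    return shifted | crc_remainder(shifted)

def detected(word: int) -> bool:
    return crc_remainder(word) != 0

def pue_exact_flips(w: int, data: int = 0xA5) -> Fraction:
    """PUE if a fault flips exactly w bits, every position set equally likely."""
    stored = encode(data)
    missed = sum(
        not detected(stored ^ sum(1 << p for p in positions))
        for positions in combinations(range(N), w)
    )
    return Fraction(missed, comb(N, w))

def pue_uniform(data: int = 0xA5) -> Fraction:
    """PUE if every nonzero 12-bit error pattern is equally likely."""
    stored = encode(data)
    missed = sum(not detected(stored ^ e) for e in range(1, 1 << N))
    return Fraction(missed, (1 << N) - 1)

if __name__ == "__main__":
    for w in range(1, 5):
        print(f"exactly {w} flipped bit(s): PUE = {pue_exact_flips(w)}")
    print(f"uniform error patterns:   PUE = {pue_uniform()} "
          f"(2^-{CHECK_BITS} = {Fraction(1, 1 << CHECK_BITS)})")
```

Under the uniform model the result is 17/273, close to 2^-4, so each check bit buys roughly a factor of two and a PUE of 2^-30 corresponds to about 30 check bits in that model. For this 12-bit word, faults that flip only one or two bits are always detected, while three-bit faults can pass unnoticed.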
In conventional technology, no further aids are available for examining a safety level based on error recognition. Determining the PUE of a system is therefore complex and cost-intensive.